Privacy Policy in accordance with Art. 13-14 EU Regulation 2016/679

This page describes the methods of processing personal data carried out to provide services to Clients following the consultation of the website https://www.csgroupsrl.com/. Respecting the privacy of our Users, Clients, and Visitors (and, in general, all Data Subjects) is a priority for us.

Data Controller

The Data Controller, including for navigation data collected following the consultation of the website https://www.csgroupsrl.com/, is C.S. GROUP S.R.L., with its registered office in Augusta (SR), C.da Costa Mendola, Tax Code and VAT No. 01669590893 (hereinafter referred to as “C.S. GROUP S.R.L.”). C.S. GROUP S.R.L., as the data controller of personal data under the applicable Italian regulations on personal data protection (the “National Regulations”) and EU Regulation 679/2016 – General Data Protection Regulation (GDPR) (hereinafter, collectively referred to as the “Applicable Regulations”), recognizes the importance of personal data protection and considers its safeguarding one of its main objectives. Before providing any personal data while browsing the website, we invite you to carefully read this Privacy Policy, as it contains important information about the protection of personal data and the security measures implemented to ensure confidentiality, in full compliance with the applicable regulations. We inform you that the processing of your personal data will be carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimization, accuracy, integrity, and confidentiality.

Subject of Processing

The Data Controller processes personal data (identification data such as name, surname, tax code, VAT number, address, phone number, email, etc.) provided by the Data Subjects through the website.

What type of data do we process?

The processing of your data is necessary as it allows you to access the content and/or functionalities of the website, receive information, or use the services provided, should you wish to do so. In this regard, we are firmly committed to processing your personal data lawfully and consistently, in accordance with the principles and legal obligations outlined in the current Data Protection Regulations.

Purposes and Legal Bases of Processing

The personal data of the Data Subjects are processed by C.S. GROUP S.R.L. for the following purposes:

a) Responding to User Requests

– The Data will also be processed to respond to requests that Users/Clients may send to the contact details available on the Website. To this end, it is necessary for Users/Clients to provide their contact details (name, email, phone number, etc.), as failure to do so will prevent us from responding. The legal basis for this processing is the necessity to take pre-contractual and contractual measures requested by the User and to comply with related legal obligations.

b) Additional Purposes

  • Newsletter – Subject to prior consent (and subscription), which can always be revoked by simply contacting the Data Controller at the references indicated herein, the newsletter of C.S. GROUP S.R.L. may be sent via email, postal mail, SMS, and/or phone contact.
  • Marketing and Commercial Purposes – Subject to prior consent, which can always be revoked by simply contacting the Data Controller at the references indicated herein, the Client/Data Subject may receive:
  1. Commercial communications and/or advertising materials regarding products or services offered by the Data Controller via email, postal mail, SMS, and/or phone contact, as well as customer satisfaction surveys.
  2. Commercial and/or promotional communications from third parties (e.g., business partners) via email, postal mail, SMS, and/or phone contact.

The legal basis for this processing is the consent of the Data Subject.

Consent to Processing

The collection of consent from the Data Subject for the purposes outlined in section (a) is not required, as provided for by Article 6, letters (b), (e), and (f) of EU Regulation 2016/679. Conversely, it is necessary to document (traceability) the acquisition of consent (Article 7 of EU Regulation 2016/679), which must be collected in a specific and separate manner, for the purposes of newsletters, marketing, and commercial activities as outlined in section (b). In any case, the Data Subject always has the right to express their objection to the processing of their data for the aforementioned purposes. However, please note that providing data for the purposes outlined in section (a) is mandatory. Without such data, C.S. GROUP S.R.L. will not be able to respond to User/Client requests, nor will it be able to sell its products through the website, while still being required to process data to comply with specific regulatory requirements and/or requests from Authorities.

Types of Processing

The types of processing to which data is subject are defined in Article 4, No. 2 of EU Regulation 2016/679, which we summarize below for easier consultation: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction of data.”Personal Data” refers to any information relating to an identified or identifiable natural person, particularly with reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

Among the Personal Data collected by this website are:

Navigation data

The computer systems of the Website collect some Personal Data whose transmission is implicit in the use of Internet communication protocols. These are information that is not collected to be associated with you, but which, by their very nature, could, through processing and association with data held by third parties, allow for your identification. These include IP addresses or domain names of the devices used to connect to the Website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file received in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to your operating system and computing environment. These data are used to gather anonymous statistical information on the use of the Website and to monitor its proper functioning; to allow – given the architecture of the systems used – the proper delivery of the various functionalities requested by you, for security reasons, and for determining responsibility in the event of potential cybercrimes against the Website or third parties, and are then deleted.

Personal data provided by the User

Through the requests submitted via the Website, you will voluntarily provide Personal Data (such as name, surname, tax code, VAT number, email address, etc.).

 

C.S. GROUP S.R.L. will process these data in compliance with the Applicable Regulations, assuming that they relate to you or third parties who have expressly authorized you to provide them based on an appropriate legal basis that legitimizes the processing of the data in question. In such cases, you act as an independent data controller, assuming all legal obligations and responsibilities. Users who have doubts about which data are mandatory are encouraged to contact the Data Controller at the following email address: privacy@csgroupsrl.it.

Cookies

Cookies are information stored on your browser when you visit a website or use a social network with your PC, smartphone, or tablet. Each cookie contains various data such as, for example, the name of the server it came from, a numerical identifier, etc. Cookies may remain in the system for the duration of a session (i.e., until the browser used for web browsing is closed) or for longer periods and may contain a unique identifier code. For more information on the use of cookies, please read the Cookie Policy below.

Methods of Processing

The personal data of the Data Subjects may be processed both in paper and electronic form.

Profiling

C.S. GROUP S.R.L. does not carry out activities that require automated profiling of personal data and does not use, either directly or indirectly, automated tools that generate such classifications.

Data retention

C.S. GROUP S.R.L. will process personal data for the time strictly necessary to fulfill the purposes mentioned above, for 10 years in the case of accounting and/or administrative data, and for as long as necessary in the case of data required to defend legitimate interests. Data collected for newsletter, marketing, and commercial purposes will be processed until the data subject revokes the consent previously given.

Recipients

Your Personal Data may be shared, for the purposes specified above, with:

  • Subjects who operate on behalf of the Data Controller and provide services for the proper functioning of the C.S. GROUP S.R.L. Website and who typically act as Data Processors.
  • Persons authorized by C.S. GROUP S.R.L. to process Personal Data who have committed to confidentiality or have a legal obligation of confidentiality (e.g., employees and collaborators of C.S. GROUP).
  • Authorities, including judicial authorities, in the exercise of their functions when required by the Applicable Regulations.

Location and Data Transfer

The data are processed at the Data Controller’s operational offices and in any other location where the parties involved in the processing are located. For further information, please contact the Data Controller. Some of your Personal Data may be transferred to Recipients located outside the European Economic Area. C.S. GROUP S.R.L. ensures that the electronic and paper processing of your Personal Data by the Recipients is carried out in compliance with the Applicable Regulations. We do not transfer data outside the European Union. Any transfer of data outside the European Union would, in any case, occur based on an adequacy decision or Standard Contractual Clauses approved by the European Commission.

 

The Rights of the Data Subjects

Users can exercise certain rights with respect to the Data processed by the Data Controller.

In particular, the User has the right to:

  • Withdraw consent at any time. The User can withdraw the consent for the processing of their Personal Data previously given.
  • Object to the processing of their Data. The User can object to the processing of their Data when it is based on a legal basis other than consent. Further details on the right to object are provided in the section below.
  • Access their Data. The User has the right to obtain information about the Data processed by the Data Controller, certain aspects of the processing, and to receive a copy of the processed Data.
  • Verify and request rectification. The User can verify the accuracy of their Data and request updates or corrections.
  • Obtain the restriction of processing. When certain conditions apply, the User can request the restriction of the processing of their Data. In this case, the Data Controller will not process the Data for any other purpose than their storage.
  • Obtain the deletion or removal of their Personal Data. When certain conditions apply, the User can request the deletion of their Data by the Data Controller.
  • Receive their Data or have them transferred to another controller. The User has the right to receive their Data in a structured, commonly used, and machine-readable format, and, where technically feasible, to have them transferred without hindrance to another controller. This provision applies when the Data is processed using automated tools, and the processing is based on the User’s consent, a contract to which the User is a party, or related contractual measures.
  • File a Complaint. The User can file a complaint with the competent personal data protection authority (www.garanteprivacy.it) or take legal action.

The above rights can be exercised with respect to C.S. GROUP, as the Data Controller, by writing to the email address: privacy@csgroupsrl.it

LINKS TO OTHER WEBSITES

This privacy notice is provided solely in relation to the Data collected through the Website and with reference to the purposes outlined above, and not for any other websites accessed and/or accessible via links and/or widgets (e.g., social networks). These additional websites will process Data as independent data controllers and in accordance with their respective privacy notices, which users are expressly encouraged to review.

Changes to this Notice

This Privacy Policy is effective as of February 28, 2025. We reserve the right to modify or simply update the content of the Privacy Policy, in whole or in part, due to changes in the applicable regulations. We therefore encourage you to regularly visit this section to become aware of the most recent and updated version of the Privacy Policy so that you are always informed about the data collected and how we use it.